This is a preview - click here to buy the full publication

INTERNATIONAL ISO/IEC
STANDARD 25030

Second edition
2019-08

Systems and software engineering —

Systems and software quality
requirements and evaluation
(SQuaRE) — Quality requirements
framework

Reference number
ISO/IEC 25030:2019(E)

© ISO/IEC 2019
 This is a preview - click here to buy the full publication
ISO/IEC 25030:2019(E)


COPYRIGHT PROTECTED DOCUMENT

© ISO/IEC 2019
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland

ii  © ISO/IEC 2019 – All rights reserved

 This is a preview - click here to buy the full publication
ISO/IEC 25030:2019(E)


Contents Page

Foreword...........................................................................................................................................................................................................................................v
Introduction................................................................................................................................................................................................................................. vi
1 Scope.................................................................................................................................................................................................................................. 1
2 Normative references....................................................................................................................................................................................... 1
3 Terms and definitions...................................................................................................................................................................................... 2
4 Abbreviated terms............................................................................................................................................................................................... 4
5 Conformance.............................................................................................................................................................................................................. 5
6 Concept of quality requirements.......................................................................................................................................................... 5
6.1 General............................................................................................................................................................................................................ 5
6.2 Types of quality requirements................................................................................................................................................... 5
6.3 Targets for quality requirements............................................................................................................................................. 5
6.4 Quality models and measures for quality requirements..................................................................................... 7
6.5 Important considerations of quality requirements................................................................................................. 7
6.5.1 Sources of quality requirements......................................................................................................................... 7
6.5.2 Categories of ICT products....................................................................................................................................... 8
6.5.3 Interrelation with functional/data requirements................................................................................ 8
6.5.4 Derivation of quality requirements.................................................................................................................. 9
6.5.5 Quality requirements trade-offs.......................................................................................................................... 9
7 Quality requirements processes........................................................................................................................................................10
7.1 General......................................................................................................................................................................................................... 10
7.2 Overview of quality requirements processes............................................................................................................. 10
7.3 Elicitation of quality needs......................................................................................................................................................... 11
7.3.1 Identification of stakeholders............................................................................................................................. 11
7.3.2 Defining stakeholder needs.................................................................................................................................. 11
7.4 Steps for defining quality requirements......................................................................................................................... 12
7.4.1 Overall description....................................................................................................................................................... 12
7.4.2 Definition of steps......................................................................................................................................................... 14
8 Using and governing quality requirements............................................................................................................................16
8.1 Critical success factors for implementing quality requirements............................................................... 16
8.2 Quality requirements traceability........................................................................................................................................ 17
8.3 Critical factors for testing quality requirements..................................................................................................... 17
Annex A (informative) Recommended process for elicitation of quality needs....................................................18
Annex B (informative) Example for mapping quality needs to quality characteristics.................................24
Annex C (informative) Example for specifying quality requirements.............................................................................27
Annex D (informative) Relationship to ISO/IEC/IEEE 15288 (System lifecycle processes)......................28
Annex E (informative) Relationship to ISO/IEC/IEEE 29148 (Requirement engineering)........................31
Annex F (informative) Derivation from quality in use requirements to product quality
requirements.........................................................................................................................................................................................................35
Annex G (informative) Example of relationship between product quality characteristics.......................37
Annex H (informative) Example of deployment and traceability of quality requirements to
software.......................................................................................................................................................................................................................39
Annex I (informative) Example of stakeholder-target matrix.................................................................................................40
Annex J (informative) Examples of level of quality required for different ICT products(using
decision table format)..................................................................................................................................................................................42
Annex K (informative) IT service quality requirements................................................................................................................45

© ISO/IEC 2019 – All rights reserved  iii

 This is a preview - click here to buy the full publication
ISO/IEC 25030:2019(E)


Bibliography.............................................................................................................................................................................................................................. 46

iv  © ISO/IEC 2019 – All rights reserved

 This is a preview - click here to buy the full publication
ISO/IEC 25030:2019(E)


Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that
are members of ISO or IEC participate in the development of International Standards through
technical committees established by the respective organization to deal with particular fields of
technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other
international organizations, governmental and non-governmental, in liaison with ISO and IEC, also
take part in the work.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www​.iso​.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www​.iso​.org/patents) or the IEC
list of patent declarations received (see http:​//patents​.iec​.ch).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www​.iso​
.org/iso/foreword​.html.
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 7, Software and Systems Engineering.
This second edition cancels and replaces the first edition (ISO/IEC 25030:2007), which has been
technically revised.
The main changes compared to the previous edition are as follows:
— extension of the view from software to system;
— enhancement and deployment of quality requirements;
— clarification of quality requirements definition steps:
— stating them exhaustively by using the quality models;
— specifying them with the quality measures with criteria for evaluation;
— clarification of how to use quality requirements.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www​.iso​.org/members​.html.

© ISO/IEC 2019 – All rights reserved  v

 This is a preview - click here to buy the full publication
ISO/IEC 25030:2019(E)


Introduction
It is important to identify and specify quality requirements as part of system, software and data
requirements, because finding the right balance of quality requirements, in addition to well-specified
functional requirements, is a critical success factor to meet the stakeholders' objectives. Quality
requirements are needed for:
— specifying the system, including contractual agreements and call for tender;
— planning the project, including feasibility analysis;
— developing the system, including identification of architecture drivers or potential quality problems
during development; and
— evaluating the system, including objective assessment and certification of quality.
This document focuses on defining, using and governing quality requirements. If not clearly defined,
they can be viewed, interpreted, implemented and evaluated differently by the relevant stakeholders.
This can result in systems that are inconsistent with user expectations and of poor quality; and time
and cost overruns to rework the system. Therefore quality requirements for the system need to be
specified clearly at the earliest stage of the development or acquiring process as possible, to provide a
critical input to the development or acquisition.
This document can be used to improve the quality of quality requirements, by providing requirements
and recommendations for them, and provides guidance for the steps used to define and use them.
Quality requirements can be categorized into characteristics/subcharacteristics by using the
quality models defined in the ISO/IEC 2501n family of standards. Measures of these characteristics/
subcharacteristics, which are defined in the ISO/IEC 2502n family of standards, can be used to specify
quality requirements and evaluate the quality of the target system or data. After ISO/IEC 25030:2007
was published, several international standards which define these models and measures have been
published and so the previous edition has become inconsistent with these standards.
Furthermore many systems are now deeply embedded into social infrastructures used in daily life. This
requires the systems to achieve much higher quality; e.g., connected systems need to be interoperable
and secure, reliable, maintainable and usable.
This revision updates the quality requirements division of SQuaRE series, aligning it with the other
divisions, and furthermore providing more practical guidelines for defining and using quality
requirements.
Figure 1 illustrates the organization of the SQuaRE series representing families of standards, further
called divisions. The SQuaRE series consists of five main divisions and on extension division. The
divisions within the SQuaRE series are:
— ISO/IEC 2500n — Quality Management Division. The standards that form this division define
all common models, terms and definitions used by all other standards in the SQuaRE series. The
division also provides requirements and guidance for the planning and management of a project.
— ISO/IEC 2501n — Quality Model Division. The standards that form this division provide quality
models for system/software products, quality in use (QIU), data, and IT services. Practical guidance
on the use of the quality model is also provided.
— ISO/IEC 2502n — Quality Measurement Division. The standards that form this division include
a system/software product quality measurement reference model, definitions of quality measures,
and practical guidance for their application. This division presents internal measures of software
quality, external measures of software quality, QIU measures and data quality measures. Quality
measure elements forming foundations for the quality measures are defined and presented.
— ISO/IEC 2503n — Quality Requirements Division. The standard that forms this division helps
specifying quality requirements. These quality requirements can be used in the process of quality

vi  © ISO/IEC 2019 – All rights reserved

 This is a preview - click here to buy the full publication
ISO/IEC 25030:2019(E)


requirements elicitation for a system/software product to be developed, designing a process for

achieving necessary quality, or as inputs for an evaluation process.
— ISO/IEC 2504n — Quality Evaluation Division. The standards that form this division provide
requirements, recommendations and guidelines for system/software product evaluation, whether
performed by independent evaluators, acquirers or developers. The support for documenting a
measure as an Evaluation Module is also presented.
ISO/IEC 25050 to ISO/IEC 25099 are reserved for SQuaRE extension International Standards, which
currently include in ISO/IEC 25051 requirements for quality of Ready to Use Software Products (RUSP)
and instructions for testing, and in ISO/IEC TR 25060 to ISO/IEC 25069 common industry format for
usability.

Figure 1 — Organization of the SQuaRE series of International Standards

© ISO/IEC 2019 – All rights reserved  vii

This is a preview - click here to buy the full publication
 This is a preview - click here to buy the full publication

INTERNATIONAL STANDARD ISO/IEC 25030:2019(E)

Systems and software engineering — Systems and software

quality requirements and evaluation (SQuaRE) — Quality
requirements framework

1 Scope
This document provides the framework for quality requirements for systems, software products and
data, which includes concept of the quality requirements, and requirements and recommendations for
the processes and methods to elicit, define, use and govern them. Intended readers of this document
include, but are not limited to:
— acquirers: evaluate if the system/software products/data fulfills their value proposition, i.e., meets
the expected quality,
— developers: design, implement and test the system/software products/data to ensure that it meets
the expected quality,
— testers: verify and validate that the system/software products/data meets the expected quality,
— project managers: plan, monitor and control the achievement of the expected quality, and
— independent evaluators: evaluate the system/software products/data with the objective criteria.
This document complies with the technical processes defined in ISO/IEC/IEEE 15288, which are
relevant for elicitation of stakeholders’ quality needs and for defining, analyzing and maintaining
quality requirements. In this document, the quality models in ISO/IEC 25010 and ISO/IEC 25012 are
used to categorize quality requirements and to provide a basis for quantifying them in terms of quality
measures in the quality measure division of ISO/IEC 2502n.
This document does not cover specification of the other requirements (such as functional requirements,
process requirements, etc.), and prescribes neither any specific quality measure nor any specific
development process.

2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 25000:2014, Systems and software engineering — Systems and software Quality Requirements
and Evaluation (SQuaRE) — Guide to SQuaRE
ISO/IEC 25010:2011, Systems and software engineering — Systems and software Quality Requirements
and Evaluation (SQuaRE) — System and software quality models
ISO/IEC 25012, Software engineering — Software product Quality Requirements and Evaluation
(SQuaRE) — Data quality model
ISO/IEC 25022, Systems and software engineering — Systems and software quality requirements and
evaluation (SQuaRE) — Measurement of quality in use
ISO/IEC 25023, Systems and software engineering — Systems and software Quality Requirements and
Evaluation (SQuaRE) — Measurement of system and software product quality

© ISO/IEC 2019 – All rights reserved  1

 This is a preview - click here to buy the full publication
ISO/IEC 25030:2019(E)


ISO/IEC 25024, Systems and software engineering — Systems and software Quality Requirements and
Evaluation (SQuaRE) — Measurement of data quality
ISO/IEC/IEEE 15288:2015, Systems and software engineering — System life cycle processes

3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO/IEC 25000 and the
following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:​//www​.iso​.org/obp
— IEC Electropedia: available at http:​//www​.electropedia​.org/
NOTE The essential definitions from ISO/IEC 25000 and the other ISO standards are reproduced here.

3.1
classification axis
total range of a mapping of systems and software for categorizing them from a particular perspective
[SOURCE: ISO/IEC TR 12182:2015, 3.7]
3.2
context of use
conditions and constraints under which ICT products (3.8) are used by specific users (3.20) in a specific
environment to achieve specific goals as part of the larger information system (3.10)
Note 1 to entry: Environment includes physical aspects such as equipment and resources as well as social aspects
such as demographics and culture.

3.3
deployment
deployment of requirements
assignment of requirements (3.16) along with the system decomposition
3.4
derivation
derivation of requirements
translation and elaboration of requirements (3.16) from one type of requirements to another in the
same system level
Note 1 to entry: Types of requirements include quality in use (3.13) requirements, product quality requirements
(3.15) and data requirements.

3.5
domain-based requirement
requirement (3.16) originated from its application domain
3.6
functional requirement
requirement (3.16) that specifies a function that a system or system component shall perform
[SOURCE: IEEE 730:2014, 3.2]
3.7
ICT requirement
requirement (3.16) resulting from adoption of some information and communication technologies (ICTs)
technical solutions in the design process
Note 1 to entry: ICT technical solutions include web-based technologies, cloud servers, and so on.

2  © ISO/IEC 2019 – All rights reserved